| 31 Jan 2024 |
|  DerivationDingus joined the room. | 09:35:10 |
|  @yuka:yuka.dev joined the room. | 13:19:37 |
 delroth | https://curl.se/docs/CVE-2024-0853.html (low sev) | 13:37:20 |
 hexa | taking that | 14:08:31 |
|  shlevy joined the room. | 14:55:05 |
| hexa | https://github.com/NixOS/nixpkgs/pull/285295 | 15:19:05 |
| 1 Feb 2024 |
|  deightz joined the room. | 04:05:10 |
 ⛧-440729 [sophie raven] (it/its) | https://snyk.io/blog/leaky-vessels-docker-runc-container-breakout-vulnerabilities/
TL;DR multiple container escapes in docker. runc, buildkit and containerd need to be updated. I'm on it | 07:50:44 |
| ⛧-440729 [sophie raven] (it/its) | Well, was already done by the bot, though the first two of these aren't merged yet
https://github.com/NixOS/nixpkgs/pull/285438
https://github.com/NixOS/nixpkgs/pull/285407
https://github.com/NixOS/nixpkgs/pull/285418 | 07:54:17 |
 leona | I created some backport PRs to 23.11 (automatic wouldn't have worked):
https://github.com/NixOS/nixpkgs/pull/285507
https://github.com/NixOS/nixpkgs/pull/285508
https://github.com/NixOS/nixpkgs/pull/285510 | 09:34:13 |
|  ximnoise joined the room. | 09:53:02 |
| ximnoise set a profile picture. | 10:03:31 |
| delroth | https://mastodon.social/@MastodonEngineering/111856895554844910 the patches are out apparently | 15:22:11 |
| delroth | https://github.com/mastodon/mastodon/releases/tag/v4.2.5 presumably | 15:22:28 |
| delroth | and taken care of by https://github.com/NixOS/nixpkgs/pull/285558 | 15:22:45 |
|  schmittlauch (he/him) joined the room. | 16:55:14 |
|  @kudzu:envs.net left the room. | 17:45:38 |
| 2 Feb 2024 |
|  Specx joined the room. | 07:11:03 |
|  dan_nrw joined the room. | 09:52:50 |
| 3 Feb 2024 |
|  neonmei changed their profile picture. | 04:01:08 |
|  raboof changed their display name from raboof to raboof @FOSDEM. | 07:38:53 |
|  @networkexception:chat.upi.li changed their profile picture. | 11:53:46 |
| hexa | https://anydesk.com/en/public-statement | 14:25:06 |
| hexa | latest version uses a new codesigning cert | 14:25:57 |
| hexa | 
Download image.png | 14:27:03 |
| hexa | I don't think they sign linux tarballs 🙂 | 14:27:11 |
 tgerbet | Nope they do not, at least not for what's used in nixpkgs package | 14:28:18 |
| tgerbet | But the package pin did not change in the last 5 months so we are probably fine (unless they were already compromised) | 14:30:31 |
 K900 | My kingdom for remote desktop software that doesn't suck | 14:33:54 |
| hexa | wayland support when | 14:34:08 |
